directus 9.8.0 → 9.9.0

package/dist/services/authorization.js

@@ -35,7 +35,7 @@ class AuthorizationService {
             throw new exceptions_2.ForbiddenException();
         }
         validateFields(ast);
-        validateFilterPermissions(ast, this.schema, this.accountability);
+        validateFilterPermissions(ast, this.schema, action, this.accountability);
         applyFilters(ast, this.accountability);
         return ast;
         /**
@@ -87,6 +87,8 @@ class AuthorizationService {
                         if (!aliasMap)
                             continue;
                         for (const column of Object.values(aliasMap)) {
+                            if (column === '*')
+                                continue;
                             if (allowedFields.includes(column) === false)
                                 throw new exceptions_2.ForbiddenException();
                         }
@@ -106,7 +108,7 @@ class AuthorizationService {
                 }
             }
         }
-        function validateFilterPermissions(ast, schema, accountability) {
+        function validateFilterPermissions(ast, schema, action, accountability) {
             var _a, _b, _c, _d, _e;
             let requiredFieldPermissions = {};
             if (ast.type !== 'field') {
@@ -114,28 +116,34 @@ class AuthorizationService {
                     for (const collection of Object.keys(ast.children)) {
                         requiredFieldPermissions = mergeRequiredFieldPermissions(requiredFieldPermissions, extractRequiredFieldPermissions(collection, (_c = (_b = (_a = ast.query) === null || _a === void 0 ? void 0 : _a[collection]) === null || _b === void 0 ? void 0 : _b.filter) !== null && _c !== void 0 ? _c : {}));
                         for (const child of ast.children[collection]) {
-                            // Always add relational field as a deep child may have a filter
-                            if (child.type !== 'field') {
-                                (requiredFieldPermissions[collection] || (requiredFieldPermissions[collection] = new Set())).add(child.fieldKey);
+                            const childPermissions = validateFilterPermissions(child, schema, action, accountability);
+                            if (Object.keys(childPermissions).length > 0) {
+                                //Only add relational field if deep child has a filter
+                                if (child.type !== 'field') {
+                                    (requiredFieldPermissions[collection] || (requiredFieldPermissions[collection] = new Set())).add(child.fieldKey);
+                                }
+                                requiredFieldPermissions = mergeRequiredFieldPermissions(requiredFieldPermissions, childPermissions);
                             }
-                            requiredFieldPermissions = mergeRequiredFieldPermissions(requiredFieldPermissions, validateFilterPermissions(child, schema, accountability));
                         }
                     }
                 }
                 else {
                     requiredFieldPermissions = mergeRequiredFieldPermissions(requiredFieldPermissions, extractRequiredFieldPermissions(ast.name, (_e = (_d = ast.query) === null || _d === void 0 ? void 0 : _d.filter) !== null && _e !== void 0 ? _e : {}));
                     for (const child of ast.children) {
-                        // Always add relational field as a deep child may have a filter
-                        if (child.type !== 'field') {
-                            (requiredFieldPermissions[ast.name] || (requiredFieldPermissions[ast.name] = new Set())).add(child.fieldKey);
+                        const childPermissions = validateFilterPermissions(child, schema, action, accountability);
+                        if (Object.keys(childPermissions).length > 0) {
+                            // Only add relational field if deep child has a filter
+                            if (child.type !== 'field') {
+                                (requiredFieldPermissions[ast.name] || (requiredFieldPermissions[ast.name] = new Set())).add(child.fieldKey);
+                            }
+                            requiredFieldPermissions = mergeRequiredFieldPermissions(requiredFieldPermissions, childPermissions);
                         }
-                        requiredFieldPermissions = mergeRequiredFieldPermissions(requiredFieldPermissions, validateFilterPermissions(child, schema, accountability));
                     }
                 }
             }
             if (ast.type === 'root') {
                 // Validate all required permissions once at the root level
-                checkFieldPermissions(requiredFieldPermissions);
+                checkFieldPermissions(ast.name, schema, action, requiredFieldPermissions);
             }
             return requiredFieldPermissions;
             function extractRequiredFieldPermissions(collection, filter, parentCollection, parentField) {
@@ -153,6 +161,34 @@ class AuthorizationService {
                         // Filter value is not a filter, so we should skip it
                         return result;
                     }
+                    // m2a filter in the form of `item:collection`
+                    else if (filterKey.includes(':')) {
+                        const [field, collectionScope] = filterKey.split(':');
+                        if (collection) {
+                            // Add the `item` field to the required permissions
+                            (result[collection] || (result[collection] = new Set())).add(field);
+                            // Add the `collection` field to the required permissions
+                            result[collection].add('collection');
+                        }
+                        else {
+                            const relation = schema.relations.find((relation) => {
+                                var _a;
+                                return ((relation.collection === parentCollection && relation.field === parentField) ||
+                                    (relation.related_collection === parentCollection && ((_a = relation.meta) === null || _a === void 0 ? void 0 : _a.one_field) === parentField));
+                            });
+                            // Filter key not found in parent collection
+                            if (!relation)
+                                throw new exceptions_2.ForbiddenException();
+                            const relatedCollectionName = relation.related_collection === parentCollection ? relation.collection : relation.related_collection;
+                            // Add the `item` field to the required permissions
+                            (result[relatedCollectionName] || (result[relatedCollectionName] = new Set())).add(field);
+                            // Add the `collection` field to the required permissions
+                            result[relatedCollectionName].add('collection');
+                        }
+                        // Continue to parse the filter for nested `collection` afresh
+                        const requiredPermissions = extractRequiredFieldPermissions(collectionScope, filterValue);
+                        result = mergeRequiredFieldPermissions(result, requiredPermissions);
+                    }
                     else {
                         if (collection) {
                             (result[collection] || (result[collection] = new Set())).add(filterKey);
@@ -163,20 +199,12 @@ class AuthorizationService {
                                 return ((relation.collection === parentCollection && relation.field === parentField) ||
                                     (relation.related_collection === parentCollection && ((_a = relation.meta) === null || _a === void 0 ? void 0 : _a.one_field) === parentField));
                             });
-                            if (relation) {
-                                if (relation.related_collection === parentCollection) {
-                                    (result[relation.collection] || (result[relation.collection] = new Set())).add(filterKey);
-                                    parentCollection = relation.collection;
-                                }
-                                else {
-                                    (result[relation.related_collection] || (result[relation.related_collection] = new Set())).add(filterKey);
-                                    parentCollection = relation.related_collection;
-                                }
-                            }
-                            else {
-                                // Filter key not found in parent collection
+                            // Filter key not found in parent collection
+                            if (!relation)
                                 throw new exceptions_2.ForbiddenException();
-                            }
+                            parentCollection =
+                                relation.related_collection === parentCollection ? relation.collection : relation.related_collection;
+                            (result[parentCollection] || (result[parentCollection] = new Set())).add(filterKey);
                         }
                         if (typeof filterValue === 'object') {
                             // Parent collection is undefined when we process the top level filter
@@ -214,20 +242,34 @@ class AuthorizationService {
                 }
                 return current;
             }
-            function checkFieldPermissions(requiredPermissions) {
-                var _a;
+            function checkFieldPermissions(rootCollection, schema, action, requiredPermissions) {
+                var _a, _b;
                 if ((accountability === null || accountability === void 0 ? void 0 : accountability.admin) === true)
                     return;
                 for (const collection of Object.keys(requiredPermissions)) {
                     const permission = (_a = accountability === null || accountability === void 0 ? void 0 : accountability.permissions) === null || _a === void 0 ? void 0 : _a.find((permission) => permission.collection === collection && permission.action === 'read');
-                    if (!permission || !permission.fields)
+                    let allowedFields;
+                    // Allow the filtering of top level ID for actions such as update and delete
+                    if (action !== 'read' && collection === rootCollection) {
+                        const actionPermission = (_b = accountability === null || accountability === void 0 ? void 0 : accountability.permissions) === null || _b === void 0 ? void 0 : _b.find((permission) => permission.collection === collection && permission.action === action);
+                        if (!actionPermission || !actionPermission.fields) {
+                            throw new exceptions_2.ForbiddenException();
+                        }
+                        allowedFields = (permission === null || permission === void 0 ? void 0 : permission.fields)
+                            ? [...permission.fields, schema.collections[collection].primary]
+                            : [schema.collections[collection].primary];
+                    }
+                    else if (!permission || !permission.fields) {
                         throw new exceptions_2.ForbiddenException();
-                    const allowedFields = permission.fields;
+                    }
+                    else {
+                        allowedFields = permission.fields;
+                    }
                     if (allowedFields.includes('*'))
                         continue;
                     // Allow legacy permissions with an empty fields array, where id can be accessed
                     if (allowedFields.length === 0)
-                        allowedFields.push('id');
+                        allowedFields.push(schema.collections[collection].primary);
                     for (const field of requiredPermissions[collection]) {
                         if (!allowedFields.includes(field))
                             throw new exceptions_2.ForbiddenException();
@@ -342,7 +384,7 @@ class AuthorizationService {
             }
         }
         if (hasFieldValidationRules) {
-            if (permission.validation) {
+            if (permission.validation && Object.keys(permission.validation).length > 0) {
                 permission.validation = { _and: [permission.validation, ...fieldValidationRules] };
             }
             else {

package/dist/services/collections.d.ts

@@ -4,6 +4,7 @@ import Keyv from 'keyv';
 import { AbstractServiceOptions, Collection, CollectionMeta, MutationOptions } from '../types';
 import { Accountability, RawField, SchemaOverview } from '@directus/shared/types';
 import { Table } from 'knex-schema-inspector/dist/types/table';
+import { Helpers } from '../database/helpers';
 export declare type RawCollection = {
     collection: string;
     fields?: RawField[];
@@ -12,6 +13,7 @@ export declare type RawCollection = {
 };
 export declare class CollectionsService {
     knex: Knex;
+    helpers: Helpers;
     accountability: Accountability | null;
     schemaInspector: ReturnType<typeof SchemaInspector>;
     schema: SchemaOverview;

package/dist/services/collections.js

@@ -32,9 +32,12 @@ const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const fields_1 = require("../services/fields");
 const items_1 = require("../services/items");
+const utils_1 = require("@directus/shared/utils");
+const helpers_1 = require("../database/helpers");
 class CollectionsService {
     constructor(options) {
         this.knex = options.knex || (0, database_1.default)();
+        this.helpers = (0, helpers_1.getHelpers)(this.knex);
         this.accountability = options.accountability || null;
         this.schemaInspector = options.knex ? (0, schema_1.default)(options.knex) : (0, database_1.getSchemaInspector)();
         this.schema = options.schema;
@@ -96,6 +99,11 @@ class CollectionsService {
                                 collection: payload.collection,
                             };
                         }
+                        // Add flag for specific database type overrides
+                        const flagToAdd = this.helpers.date.fieldFlagForField(field.type);
+                        if (flagToAdd) {
+                            (0, utils_1.addFieldFlag)(field, flagToAdd);
+                        }
                         return field;
                     });
                     const fieldsService = new fields_1.FieldsService({ knex: trx, schema: this.schema });

package/dist/services/fields.js

@@ -40,6 +40,7 @@ const utils_1 = require("@directus/shared/utils");
 const lodash_1 = require("lodash");
 const relations_1 = require("./relations");
 const helpers_1 = require("../database/helpers");
+const constants_2 = require("@directus/shared/constants");
 class FieldsService {
     constructor(options) {
         this.knex = options.knex || (0, database_1.default)();
@@ -60,6 +61,7 @@ class FieldsService {
         }));
     }
     async readAll(collection) {
+        var _a, _b, _c, _d;
         let fields;
         if (this.accountability && this.accountability.admin !== true && this.hasReadAccess === false) {
             throw new exceptions_1.ForbiddenException();
@@ -151,6 +153,15 @@ class FieldsService {
                 return allowedFields.includes(field.field);
             });
         }
+        // Update specific database type overrides
+        for (const field of result) {
+            if ((_b = (_a = field.meta) === null || _a === void 0 ? void 0 : _a.special) === null || _b === void 0 ? void 0 : _b.includes('cast-timestamp')) {
+                field.type = 'timestamp';
+            }
+            else if ((_d = (_c = field.meta) === null || _c === void 0 ? void 0 : _c.special) === null || _d === void 0 ? void 0 : _d.includes('cast-datetime')) {
+                field.type = 'dateTime';
+            }
+        }
         return result;
     }
     async readOne(collection, field) {
@@ -206,6 +217,11 @@ class FieldsService {
             if (exists) {
                 throw new exceptions_1.InvalidPayloadException(`Field "${field.field}" already exists in collection "${collection}"`);
             }
+            // Add flag for specific database type overrides
+            const flagToAdd = this.helpers.date.fieldFlagForField(field.type);
+            if (flagToAdd) {
+                (0, utils_1.addFieldFlag)(field, flagToAdd);
+            }
             await this.knex.transaction(async (trx) => {
                 const itemsService = new items_1.ItemsService('directus_fields', {
                     knex: trx,
@@ -452,9 +468,16 @@ class FieldsService {
             column = table[field.type](field.field);
         }
         if (((_f = field.schema) === null || _f === void 0 ? void 0 : _f.default_value) !== undefined) {
-            if (typeof field.schema.default_value === 'string' && field.schema.default_value.toLowerCase() === 'now()') {
+            if (typeof field.schema.default_value === 'string' &&
+                (field.schema.default_value.toLowerCase() === 'now()' || field.schema.default_value === 'CURRENT_TIMESTAMP')) {
                 column.defaultTo(this.knex.fn.now());
             }
+            else if (typeof field.schema.default_value === 'string' &&
+                field.schema.default_value.includes('CURRENT_TIMESTAMP(') &&
+                field.schema.default_value.includes(')')) {
+                const precision = field.schema.default_value.match(constants_2.REGEX_BETWEEN_PARENS)[1];
+                column.defaultTo(this.knex.fn.now(Number(precision)));
+            }
             else if (typeof field.schema.default_value === 'string' &&
                 ['"null"', 'null'].includes(field.schema.default_value.toLowerCase())) {
                 column.defaultTo(null);

package/dist/services/files.d.ts

@@ -1,5 +1,5 @@
 /// <reference types="node" />
-import { AbstractServiceOptions, File, PrimaryKey, MutationOptions } from '../types';
+import { AbstractServiceOptions, File, PrimaryKey, MutationOptions, Metadata } from '../types';
 import { ItemsService } from './items';
 export declare class FilesService extends ItemsService {
     constructor(options: AbstractServiceOptions);
@@ -10,6 +10,10 @@ export declare class FilesService extends ItemsService {
         filename_download: string;
         storage: string;
     }, primaryKey?: PrimaryKey, opts?: MutationOptions): Promise<PrimaryKey>;
+    /**
+     * Extract metadata from a buffer's content
+     */
+    getMetadata(bufferContent: any, allowList?: any): Promise<Metadata>;
     /**
      * Import a single file from an external URL
      */

package/dist/services/files.js

@@ -88,46 +88,13 @@ class FilesService extends items_1.ItemsService {
         payload.filesize = size;
         if (['image/jpeg', 'image/png', 'image/webp', 'image/gif', 'image/tiff'].includes(payload.type)) {
             const buffer = await storage_1.default.disk(data.storage).getBuffer(payload.filename_disk);
-            try {
-                const meta = await (0, sharp_1.default)(buffer.content, {}).metadata();
-                if (meta.orientation && meta.orientation >= 5) {
-                    payload.height = meta.width;
-                    payload.width = meta.height;
-                }
-                else {
-                    payload.width = meta.width;
-                    payload.height = meta.height;
-                }
-            }
-            catch (err) {
-                logger_1.default.warn(`Couldn't extract sharp metadata from file`);
-                logger_1.default.warn(err);
-            }
-            payload.metadata = {};
-            try {
-                payload.metadata = await exifr_1.default.parse(buffer.content, {
-                    icc: false,
-                    iptc: true,
-                    ifd1: true,
-                    interop: true,
-                    translateValues: true,
-                    reviveValues: true,
-                    mergeOutput: false,
-                });
-                if ((_b = (_a = payload.metadata) === null || _a === void 0 ? void 0 : _a.iptc) === null || _b === void 0 ? void 0 : _b.Headline) {
-                    payload.title = payload.metadata.iptc.Headline;
-                }
-                if (!payload.description && ((_d = (_c = payload.metadata) === null || _c === void 0 ? void 0 : _c.iptc) === null || _d === void 0 ? void 0 : _d.Caption)) {
-                    payload.description = payload.metadata.iptc.Caption;
-                }
-                if ((_f = (_e = payload.metadata) === null || _e === void 0 ? void 0 : _e.iptc) === null || _f === void 0 ? void 0 : _f.Keywords) {
-                    payload.tags = payload.metadata.iptc.Keywords;
-                }
-            }
-            catch (err) {
-                logger_1.default.warn(`Couldn't extract EXIF metadata from file`);
-                logger_1.default.warn(err);
-            }
+            const { height, width, description, title, tags, metadata } = await this.getMetadata(buffer.content);
+            (_a = payload.height) !== null && _a !== void 0 ? _a : (payload.height = height);
+            (_b = payload.width) !== null && _b !== void 0 ? _b : (payload.width = width);
+            (_c = payload.description) !== null && _c !== void 0 ? _c : (payload.description = description);
+            (_d = payload.title) !== null && _d !== void 0 ? _d : (payload.title = title);
+            (_e = payload.tags) !== null && _e !== void 0 ? _e : (payload.tags = tags);
+            (_f = payload.metadata) !== null && _f !== void 0 ? _f : (payload.metadata = metadata);
         }
         // We do this in a service without accountability. Even if you don't have update permissions to the file,
         // we still want to be able to set the extracted values from the file on create
@@ -152,6 +119,58 @@ class FilesService extends items_1.ItemsService {
         }
         return primaryKey;
     }
+    /**
+     * Extract metadata from a buffer's content
+     */
+    async getMetadata(bufferContent, allowList = env_1.default.FILE_METADATA_ALLOW_LIST) {
+        const metadata = {};
+        try {
+            const sharpMetadata = await (0, sharp_1.default)(bufferContent, {}).metadata();
+            if (sharpMetadata.orientation && sharpMetadata.orientation >= 5) {
+                metadata.height = sharpMetadata.width;
+                metadata.width = sharpMetadata.height;
+            }
+            else {
+                metadata.width = sharpMetadata.width;
+                metadata.height = sharpMetadata.height;
+            }
+        }
+        catch (err) {
+            logger_1.default.warn(`Couldn't extract sharp metadata from file`);
+            logger_1.default.warn(err);
+        }
+        try {
+            const exifrMetadata = await exifr_1.default.parse(bufferContent, {
+                icc: false,
+                iptc: true,
+                ifd1: true,
+                interop: true,
+                translateValues: true,
+                reviveValues: true,
+                mergeOutput: false,
+            });
+            if (allowList === '*' || (allowList === null || allowList === void 0 ? void 0 : allowList[0]) === '*') {
+                metadata.metadata = exifrMetadata;
+            }
+            else {
+                metadata.metadata = (0, lodash_1.pick)(exifrMetadata, allowList);
+            }
+            if (!metadata.description && (exifrMetadata === null || exifrMetadata === void 0 ? void 0 : exifrMetadata.Caption)) {
+                metadata.description = exifrMetadata.Caption;
+            }
+            if (exifrMetadata === null || exifrMetadata === void 0 ? void 0 : exifrMetadata.Headline) {
+                metadata.title = exifrMetadata.Headline;
+            }
+            if (exifrMetadata === null || exifrMetadata === void 0 ? void 0 : exifrMetadata.Keywords) {
+                metadata.tags = exifrMetadata.Keywords;
+            }
+        }
+        catch (err) {
+            logger_1.default.warn(`Couldn't extract EXIF metadata from file`);
+            logger_1.default.warn(err);
+        }
+        return metadata;
+    }
     /**
      * Import a single file from an external URL
      */

package/dist/services/graphql.d.ts

@@ -1,9 +1,8 @@
+import { BaseException } from '@directus/shared/exceptions';
+import { Accountability, Query, SchemaOverview } from '@directus/shared/types';
 import { ArgumentNode, FormattedExecutionResult, FragmentDefinitionNode, GraphQLError, GraphQLResolveInfo, GraphQLScalarType, GraphQLSchema, ObjectFieldNode, SelectionNode } from 'graphql';
-import { SchemaOverview } from '@directus/shared/types';
 import { ObjectTypeComposer, SchemaComposer } from 'graphql-compose';
 import { Knex } from 'knex';
-import { BaseException } from '@directus/shared/exceptions';
-import { Accountability, Query } from '@directus/shared/types';
 import { AbstractServiceOptions, GraphQLParams, Item } from '../types';
 import { ItemsService } from './items';
 export declare const GraphQLGeoJSON: GraphQLScalarType;

package/dist/services/graphql.js

@@ -5,20 +5,22 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.GraphQLService = exports.GraphQLDate = exports.GraphQLGeoJSON = void 0;
 const argon2_1 = __importDefault(require("argon2"));
-const validate_query_1 = require("../utils/validate-query");
 const graphql_1 = require("graphql");
 const graphql_compose_1 = require("graphql-compose");
 const lodash_1 = require("lodash");
 const ms_1 = __importDefault(require("ms"));
 const cache_1 = require("../cache");
+const constants_1 = require("../constants");
 const database_1 = __importDefault(require("../database"));
 const env_1 = __importDefault(require("../env"));
 const exceptions_1 = require("../exceptions");
 const extensions_1 = require("../extensions");
 const types_1 = require("../types");
+const generate_hash_1 = require("../utils/generate-hash");
 const get_graphql_type_1 = require("../utils/get-graphql-type");
 const reduce_schema_1 = require("../utils/reduce-schema");
 const sanitize_query_1 = require("../utils/sanitize-query");
+const validate_query_1 = require("../utils/validate-query");
 const activity_1 = require("./activity");
 const authentication_1 = require("./authentication");
 const collections_1 = require("./collections");
@@ -26,9 +28,9 @@ const fields_1 = require("./fields");
 const files_1 = require("./files");
 const folders_1 = require("./folders");
 const items_1 = require("./items");
+const notifications_1 = require("./notifications");
 const permissions_1 = require("./permissions");
 const presets_1 = require("./presets");
-const notifications_1 = require("./notifications");
 const relations_1 = require("./relations");
 const revisions_1 = require("./revisions");
 const roles_1 = require("./roles");
@@ -40,8 +42,6 @@ const tfa_1 = require("./tfa");
 const users_1 = require("./users");
 const utils_1 = require("./utils");
 const webhooks_1 = require("./webhooks");
-const generate_hash_1 = require("../utils/generate-hash");
-const constants_1 = require("../constants");
 const GraphQLVoid = new graphql_1.GraphQLScalarType({
     name: 'Void',
     description: 'Represents NULL values',
@@ -235,6 +235,14 @@ class GraphQLService {
         function getTypes(action) {
             var _a, _b, _c, _d, _e;
             const CollectionTypes = {};
+            const CountFunctions = schemaComposer.createObjectTC({
+                name: 'count_functions',
+                fields: {
+                    count: {
+                        type: graphql_1.GraphQLInt,
+                    },
+                },
+            });
             const DateFunctions = schemaComposer.createObjectTC({
                 name: 'date_functions',
                 fields: {
@@ -328,6 +336,15 @@ class GraphQLService {
                                 },
                             };
                         }
+                        if (field.type === 'json' || field.type === 'alias') {
+                            acc[`${field.field}_func`] = {
+                                type: CountFunctions,
+                                resolve: (obj) => {
+                                    const funcFields = Object.keys(CountFunctions.getFields()).map((key) => `${field.field}_${key}`);
+                                    return (0, lodash_1.mapKeys)((0, lodash_1.pick)(obj, funcFields), (_value, key) => key.substring(field.field.length + 1));
+                                },
+                            };
+                        }
                         return acc;
                     }, {}),
                 });
@@ -550,6 +567,14 @@ class GraphQLService {
                     },
                 },
             });
+            const CountFunctionFilterOperators = schemaComposer.createInputTC({
+                name: 'count_function_filter_operators',
+                fields: {
+                    count: {
+                        type: NumberFilterOperators,
+                    },
+                },
+            });
             const DateFunctionFilterOperators = schemaComposer.createInputTC({
                 name: 'date_function_filter_operators',
                 fields: {
@@ -634,6 +659,11 @@ class GraphQLService {
                                 type: DateTimeFunctionFilterOperators,
                             };
                         }
+                        if (field.type === 'json' || field.type === 'alias') {
+                            acc[`${field.field}_func`] = {
+                                type: CountFunctionFilterOperators,
+                            };
+                        }
                         return acc;
                     }, {}),
                 });
@@ -1308,7 +1338,7 @@ class GraphQLService {
         return result;
     }
     injectSystemResolvers(schemaComposer, { CreateCollectionTypes, ReadCollectionTypes, UpdateCollectionTypes, DeleteCollectionTypes, }, schema) {
-        var _a, _b, _c, _d, _e;
+        var _a, _b, _c, _d, _e, _f;
         const AuthTokens = schemaComposer.createObjectTC({
             name: 'auth_tokens',
             fields: {
@@ -2131,7 +2161,7 @@ class GraphQLService {
                 },
             });
         }
-        if ('directus_users' in schema.update.collections) {
+        if ('directus_users' in schema.update.collections && ((_c = this.accountability) === null || _c === void 0 ? void 0 : _c.user)) {
             schemaComposer.Mutation.addFields({
                 update_users_me: {
                     type: ReadCollectionTypes['directus_users'],
@@ -2160,7 +2190,7 @@ class GraphQLService {
         if ('directus_activity' in schema.create.collections) {
             schemaComposer.Mutation.addFields({
                 create_comment: {
-                    type: (_c = ReadCollectionTypes['directus_activity']) !== null && _c !== void 0 ? _c : graphql_1.GraphQLBoolean,
+                    type: (_d = ReadCollectionTypes['directus_activity']) !== null && _d !== void 0 ? _d : graphql_1.GraphQLBoolean,
                     args: {
                         collection: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLString),
                         item: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLID),
@@ -2192,7 +2222,7 @@ class GraphQLService {
         if ('directus_activity' in schema.update.collections) {
             schemaComposer.Mutation.addFields({
                 update_comment: {
-                    type: (_d = ReadCollectionTypes['directus_activity']) !== null && _d !== void 0 ? _d : graphql_1.GraphQLBoolean,
+                    type: (_e = ReadCollectionTypes['directus_activity']) !== null && _e !== void 0 ? _e : graphql_1.GraphQLBoolean,
                     args: {
                         id: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLID),
                         comment: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLString),
@@ -2235,7 +2265,7 @@ class GraphQLService {
         if ('directus_files' in schema.create.collections) {
             schemaComposer.Mutation.addFields({
                 import_file: {
-                    type: (_e = ReadCollectionTypes['directus_files']) !== null && _e !== void 0 ? _e : graphql_1.GraphQLBoolean,
+                    type: (_f = ReadCollectionTypes['directus_files']) !== null && _f !== void 0 ? _f : graphql_1.GraphQLBoolean,
                     args: {
                         url: (0, graphql_1.GraphQLNonNull)(graphql_1.GraphQLString),
                         data: (0, graphql_compose_1.toInputObjectType)(CreateCollectionTypes['directus_files']).setTypeName('create_directus_files_input'),

package/dist/services/payload.d.ts

@@ -10,6 +10,7 @@ declare type Transformers = {
         payload: Partial<Item>;
         accountability: Accountability | null;
         specials: string[];
+        helpers: Helpers;
     }) => Promise<any>;
 };
 /**